Julian Mehnle wrote:
Alessandro Vesely wrote:
in RFC 4408 I read
The community is invited to observe the success or failure of the
two approaches during the two years following publication, in order
that a community consensus can be reached in the future.
Since the publication is apparently April 2006, the above implies there
is a deadline for April 2008. Is that correct? Should we provide a new
RFC by that date?
The most obvious amendment is, of course, that the protocol comes out
of its experimental status :-/
Yes, the IETF asked us to collect real-world experience after the
publication of RFC 4408. I think we should make another attempt at
getting SPFv1 onto the standards track.
However, I don't quite see yet how the conflict with Sender ID's
v=spf1/PRA abuse could be resolved. We can claim that Sender ID and
especially spf2.0 records haven't gained significant deployment in the
past two years, but Microsoft could just claim the opposite and showcase
a host of institutions that have allegedly implemented Sender ID (even if
many of them probably have implemented just SPF and no PRA checking).
AFAICS, the IETF already erred two years ago. Of course, they can persist.
Meanwhile, phishing has become an internationalized practice and end users
don't know who to blame. The fact that the IETF isn't able to play its
role shouldn't prevent us from playing ours.
As for amendments to RFC 4408, I'm extremely sceptical of changing any
semantics of the spec. Maybe we can clean the document up and apply the
handful of errata[1] that we have collected. Adding receiver-side policy
like you suggest in your other postings isn't something that I would do.
I didn't mean to subvert the semantics of the specs. Rather to make them
more directly comprehensible. It is difficult to explain why plain message
forwarding should be considered harmful using a sentence that ends up saying
that "[in some circumstances] the recipient MAY refuse the message". E.g.
http://en.wikipedia.org/wiki/E-mail_forwarding#_note-forward_c_harmful
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription:
http://v2.listbox.com/member/?member_id=2183229&id_secret=82731601-8e8f99
Powered by Listbox: http://www.listbox.com